The certificate request created in the previous step must be send to a CA. The CA is responsible to create a valid server certificate based on the information provided by the CSR.

Important: the certificate emitted by the CA must follow the PKCS#7 certificate chain format. The response file must contain the public key certificate of the ABAP server as well as the CA’s root certificate. SAP Help

The following screenshots are taking from my own CA.

Add an end entity for the server.

Submit CSR

Download certificate

Save as p12 (PKCS#7)

Result

You now have a P7B file that contains the signed certificate for the server in Baes64 format.